11 matches found
CVE-2026-8836
Summary: lwIP up to 2.2.1 contains a vulnerability in the SNMPv3 USM handler. The issue is in the function snmp_parse_inbound_frame (file: src/apps/snmp/snmp_msg.c) where manipulating msgAuthenticationParameters can cause a stack-based buffer overflow. The attack is potentially remote. A patch is...
PT-2026-34174
Name of the Vulnerable Software and Affected Versions frp versions 0.43.0 through 0.68.0 Description An authentication bypass exists in the HTTP vhost routing path when routeByHTTPUser is utilized for access control. In proxy-style requests, the routing logic selects the routeByHTTPUser backend...
Multi-Factor Authentication in Spring Security 7
In 2013, it was proposed to add multi-factor authentication into Spring Security. That was the year that “selfie” was added to the English dictionary and “What Does the Fox Say?” was a viral YouTube hit. Needless to say, one of the biggest features in Spring Security 7 is a long time coming, and ...
EUVD-2024-39425
Malicious code in bioql PyPI...
CVE-2024-42057
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from V4.16...
CVE-2024-42057
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from V4.16...
CVE-2024-42057
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from V4.16...
CVE-2024-42057
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5.38, USG FLEX 50W series firmware versions from V4.16 through V5.38, and USG20W-VPN series firmware versions from V4.16...
Potential Observable Timing Discrepancy in Wagtail
Impact A potential timing attack exists on pages or documents that have been protected with a shared password through Wagtail's "Privacy" controls. This password check is performed through a character-by-character string comparison, and so an attacker who is able to measure the time taken by this...
Guardicore Centra Release v 31
Guardicore Centra v 31 includes such features as user-based rules and a threat intelligence firewall. Read more about the updates and improvements...
FHFS - FTPHTTP File Server 2.1.2 Remote Command Execution
FHFS - FTPHTTP File Server 2.1.2 Remote Command Execution !/usr/bin/python FHFS - FTP/HTTP File Server 2.1.2 Remote Command Execution Author: Naser Farhadi Date: 26 August 2015 Version: 2.1.2 Tested on: Windows 7 SP1 32 bit Link : http://sourceforge.net/projects/fhfs/ Description : FHFS is a FTP...